Revert 30938 - Add support for getting the real process id from within the su...

chrome/browser/zygote_main_linux.cc

 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <dlfcn.h>
+#include <unistd.h>
 #include <sys/epoll.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/signal.h>
 #include <sys/prctl.h>
-#include <sys/signal.h>
-#include <sys/socket.h>
-#include <sys/types.h>
 #include <sys/wait.h>
-#include <unistd.h>
-
-#if defined(CHROMIUM_SELINUX)
-#include <selinux/selinux.h>
-#include <selinux/context.h>
-#endif
 
 #include "base/basictypes.h"
 #include "base/command_line.h"
 #include "base/eintr_wrapper.h"
 #include "base/global_descriptors_posix.h"
-#include "base/hash_tables.h"
-#include "base/linux_util.h"
 #include "base/path_service.h"
 #include "base/pickle.h"
 #include "base/rand_util.h"
 #include "base/scoped_ptr.h"
 #include "base/sys_info.h"
 #include "base/unix_domain_socket_posix.h"
 
 #include "chrome/browser/zygote_host_linux.h"
 #include "chrome/common/chrome_descriptors.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/main_function_params.h"
 #include "chrome/common/process_watcher.h"
 #include "chrome/common/sandbox_methods_linux.h"
 
 #include "media/base/media.h"
 
 #include "skia/ext/SkFontHost_fontconfig_control.h"
 
+#if defined(CHROMIUM_SELINUX)
+#include <selinux/selinux.h>
+#include <selinux/context.h>
+#endif
+
 #include "unicode/timezone.h"
 
 // http://code.google.com/p/chromium/wiki/LinuxZygote
 
-static const int kBrowserDescriptor = 3;
 static const int kMagicSandboxIPCDescriptor = 5;
-static const int kZygoteIdDescriptor = 7;
-static bool g_suid_sandbox_active = false;
 
 // This is the object which implements the zygote. The ZygoteMain function,
 // which is called from ChromeMain, at the the bottom and simple constructs one
 // of these objects and runs it.
 class Zygote {
  public:
   bool ProcessRequests() {
     // A SOCK_SEQPACKET socket is installed in fd 3. We get commands from the
     // browser on it.
-    // A SOCK_DGRAM is installed in fd 5. This is the sandbox IPC channel.
+    // A SOCK_DGRAM is installed in fd 4. This is the sandbox IPC channel.
     // See http://code.google.com/p/chromium/wiki/LinuxSandboxIPC
 
     // We need to accept SIGCHLD, even though our handler is a no-op because
     // otherwise we cannot wait on children. (According to POSIX 2001.)
     struct sigaction action;
     memset(&action, 0, sizeof(action));
     action.sa_handler = SIGCHLDHandler;
     CHECK(sigaction(SIGCHLD, &action, NULL) == 0);
 
-    if (g_suid_sandbox_active) {
-      // Let the ZygoteHost know we are ready to go.
-      // The receiving code is in chrome/browser/zygote_host_linux.cc.
-      std::vector<int> empty;
-      bool r = base::SendMsg(kBrowserDescriptor, kZygoteMagic,
-                             sizeof(kZygoteMagic), empty);
-      CHECK(r) << "Sending zygote magic failed";
-    }
-
     for (;;) {
-      if (HandleRequestFromBrowser(kBrowserDescriptor))
+      if (HandleRequestFromBrowser(3))
         return true;
     }
   }
 
  private:
   // See comment below, where sigaction is called.
   static void SIGCHLDHandler(int signal) { }
 
   // ---------------------------------------------------------------------------
   // Requests from the browser...
@@ skipping 38 matching lines @@
       }
     }
 
     LOG(WARNING) << "Error parsing message from browser";
     for (std::vector<int>::const_iterator
          i = fds.begin(); i != fds.end(); ++i)
       close(*i);
     return false;
   }
 
-  bool HandleReapRequest(int fd, const Pickle& pickle, void* iter) {
-    base::ProcessId child;
-    base::ProcessId actual_child;
+  bool HandleReapRequest(int fd, Pickle& pickle, void* iter) {
+    pid_t child;
 
     if (!pickle.ReadInt(&iter, &child)) {
       LOG(WARNING) << "Error parsing reap request from browser";
       return false;
     }
 
-    if (g_suid_sandbox_active) {
-      actual_child = real_pids_to_sandbox_pids[child];
-      if (!actual_child)
-        return false;
-      real_pids_to_sandbox_pids.erase(child);
-    } else {
-      actual_child = child;
-    }
-
-    ProcessWatcher::EnsureProcessTerminated(actual_child);
+    ProcessWatcher::EnsureProcessTerminated(child);
 
     return false;
   }
 
-  bool HandleDidProcessCrash(int fd, const Pickle& pickle, void* iter) {
+  bool HandleDidProcessCrash(int fd, Pickle& pickle, void* iter) {
     base::ProcessHandle child;
 
     if (!pickle.ReadInt(&iter, &child)) {
       LOG(WARNING) << "Error parsing DidProcessCrash request from browser";
       return false;
     }
 
     bool child_exited;
-    bool did_crash;
-    if (g_suid_sandbox_active)
-      child = real_pids_to_sandbox_pids[child];
-    if (child)
-      did_crash = base::DidProcessCrash(&child_exited, child);
-    else
-      did_crash = child_exited = false;
+    bool did_crash = base::DidProcessCrash(&child_exited, child);
 
     Pickle write_pickle;
     write_pickle.WriteBool(did_crash);
     write_pickle.WriteBool(child_exited);
     HANDLE_EINTR(write(fd, write_pickle.data(), write_pickle.size()));
 
     return false;
   }
 
   // Handle a 'fork' request from the browser: this means that the browser
   // wishes to start a new renderer.
-  bool HandleForkRequest(int fd, const Pickle& pickle, void* iter,
+  bool HandleForkRequest(int fd, Pickle& pickle, void* iter,
                          std::vector<int>& fds) {
     std::vector<std::string> args;
     int argc, numfds;
     base::GlobalDescriptors::Mapping mapping;
-    base::ProcessId child;
-    uint64_t dummy_inode = 0;
-    int dummy_fd = -1;
+    pid_t child;
 
     if (!pickle.ReadInt(&iter, &argc))
       goto error;
 
     for (int i = 0; i < argc; ++i) {
       std::string arg;
       if (!pickle.ReadString(&iter, &arg))
         goto error;
       args.push_back(arg);
     }
 
     if (!pickle.ReadInt(&iter, &numfds))
       goto error;
     if (numfds != static_cast<int>(fds.size()))
       goto error;
 
     for (int i = 0; i < numfds; ++i) {
       base::GlobalDescriptors::Key key;
       if (!pickle.ReadUInt32(&iter, &key))
         goto error;
       mapping.push_back(std::make_pair(key, fds[i]));
     }
 
     mapping.push_back(std::make_pair(
-        static_cast<uint32_t>(kSandboxIPCChannel), kMagicSandboxIPCDescriptor));
-
-    if (g_suid_sandbox_active) {
-      dummy_fd = socket(PF_UNIX, SOCK_DGRAM, 0);
-      if (dummy_fd < 0)
-        goto error;
-
-      if (!base::FileDescriptorGetInode(&dummy_inode, dummy_fd))
-        goto error;
-    }
+        static_cast<uint32_t>(kSandboxIPCChannel), 5));
 
     child = fork();
 
     if (!child) {
-      close(kBrowserDescriptor);  // our socket from the browser
-      close(kZygoteIdDescriptor);  // another socket from the browser
+      close(3);  // our socket from the browser is in fd 3
       Singleton<base::GlobalDescriptors>()->Reset(mapping);
 
       // Reset the process-wide command line to our new command line.
       CommandLine::Reset();
       CommandLine::Init(0, NULL);
       CommandLine::ForCurrentProcess()->InitFromArgv(args);
       CommandLine::SetProcTitle();
       return true;
-    } else if (child < 0) {
-      LOG(ERROR) << "Zygote could not fork";
-      goto error;
     }
 
-    {
-      base::ProcessId proc_id;
-      if (g_suid_sandbox_active) {
-        close(dummy_fd);
-        dummy_fd = -1;
-        uint8_t reply_buf[512];
-        Pickle request;
-        request.WriteInt(LinuxSandbox::METHOD_GET_CHILD_WITH_INODE);
-        request.WriteUInt64(dummy_inode);
-
-        const ssize_t r = base::SendRecvMsg(kMagicSandboxIPCDescriptor,
-                                            reply_buf, sizeof(reply_buf),
-                                            NULL, request);
-        if (r == -1)
-          goto error;
-
-        Pickle reply(reinterpret_cast<char*>(reply_buf), r);
-        void* iter2 = NULL;
-        if (!reply.ReadInt(&iter2, &proc_id))
-          goto error;
-        real_pids_to_sandbox_pids[proc_id] = child;
-      } else {
-        proc_id = child;
-      }
-
-      for (std::vector<int>::const_iterator
-           i = fds.begin(); i != fds.end(); ++i)
-        close(*i);
-
-      HANDLE_EINTR(write(fd, &proc_id, sizeof(proc_id)));
-      return false;
-    }
-
-   error:
-    LOG(ERROR) << "Error parsing fork request from browser";
     for (std::vector<int>::const_iterator
          i = fds.begin(); i != fds.end(); ++i)
       close(*i);
-    if (dummy_fd >= 0)
-      close(dummy_fd);
+
+    HANDLE_EINTR(write(fd, &child, sizeof(child)));
+    return false;
+
+   error:
+    LOG(WARNING) << "Error parsing fork request from browser";
+    for (std::vector<int>::const_iterator
+         i = fds.begin(); i != fds.end(); ++i)
+      close(*i);
     return false;
   }
-
-  // In the SUID sandbox, we try to use a new PID namespace. Thus the PIDs
-  // fork() returns are not the real PIDs, so we need to map the Real PIDS
-  // into the sandbox PID namespace.
-  typedef base::hash_map<base::ProcessHandle, base::ProcessHandle> ProcessMap;
-  ProcessMap real_pids_to_sandbox_pids;
 };
 
 // With SELinux we can carve out a precise sandbox, so we don't have to play
 // with intercepting libc calls.
 #if !defined(CHROMIUM_SELINUX)
 
 static void ProxyLocaltimeCallToBrowser(time_t input, struct tm* output,
                                         char* timezone_out,
                                         size_t timezone_out_len) {
   Pickle request;
@@ skipping 166 matching lines @@
 }
 
 #if !defined(CHROMIUM_SELINUX)
 static bool EnterSandbox() {
   const char* const sandbox_fd_string = getenv("SBX_D");
   if (sandbox_fd_string) {
     // The SUID sandbox sets this environment variable to a file descriptor
     // over which we can signal that we have completed our startup and can be
     // chrooted.
 
-    g_suid_sandbox_active = true;
-
     char* endptr;
     const long fd_long = strtol(sandbox_fd_string, &endptr, 10);
     if (!*sandbox_fd_string || *endptr || fd_long < 0 || fd_long > INT_MAX)
       return false;
     const int fd = fd_long;
 
     PreSandboxInit();
 
     static const char kChrootMe = 'C';
     static const char kChrootMeSuccess = 'O';
@@ skipping 87 matching lines @@
 
   if (!EnterSandbox()) {
     LOG(FATAL) << "Failed to enter sandbox. Fail safe abort. (errno: "
                << errno << ")";
     return false;
   }
 
   Zygote zygote;
   return zygote.ProcessRequests();
 }